Overview

overview

7

Static

static

3

SUGAR_ID_TO_IP.exe

windows7-x64

7

SUGAR_ID_TO_IP.exe

windows10-2004-x64

7

main.pyc

windows7-x64

3

main.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/05/2024, 21:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    SUGAR_ID_TO_IP.exe

  • Size

    5.2MB

  • MD5

    c6a5d04ade6d0be45412f81caf753092

  • SHA1

    1a5d9fc35570dddcfb72eafb695a70f6a2b6459c

  • SHA256

    76abeb8d5bdb804ffee00e40d19696e517522982a5d96609fbc9fa1b5d1ad08e

  • SHA512

    8615451558e3bccbc23f02b7ff5d297cc0c47009bd44f3d3dcb4360b17150050ec36ced04b14c3b8bca5ae32e034cfa6a4010a8690ed83bcaaca11da47d0d31a

  • SSDEEP

    98304:SM8F3elwuzb71QGQCPDbZfHayCb7BJ5mjwNwwMeZYobSr+FKElUyM:SMqsdQmRfaycBIGpEoZdlK

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SUGAR_ID_TO_IP.exe
    "C:\Users\Admin\AppData\Local\Temp\SUGAR_ID_TO_IP.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2412
    • C:\Users\Admin\AppData\Local\Temp\SUGAR_ID_TO_IP.exe
      "C:\Users\Admin\AppData\Local\Temp\SUGAR_ID_TO_IP.exe"
      2⤵
      • Loads dropped DLL
      PID:3436
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3696 --field-trial-handle=3192,i,2785050981002401924,4037047756083432660,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4256

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\VCRUNTIME140.dll
            Filesize

            106KB

            MD5

            870fea4e961e2fbd00110d3783e529be

            SHA1

            a948e65c6f73d7da4ffde4e8533c098a00cc7311

            SHA256

            76fdb83fde238226b5bebaf3392ee562e2cb7ca8d3ef75983bf5f9d6c7119644

            SHA512

            0b636a3cdefa343eb4cb228b391bb657b5b4c20df62889cd1be44c7bee94ffad6ec82dc4db79949edef576bff57867e0d084e0a597bf7bf5c8e4ed1268477e88

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\_bz2.pyd
            Filesize

            81KB

            MD5

            bbe89cf70b64f38c67b7bf23c0ea8a48

            SHA1

            44577016e9c7b463a79b966b67c3ecc868957470

            SHA256

            775fbc6e9a4c7e9710205157350f3d6141b5a9e8f44cb07b3eac38f2789c8723

            SHA512

            3ee72ba60541116bbca1a62db64074276d40ad8ed7d0ca199a9c51d65c3f0762a8ef6d0e1e9ebf04bf4efe1347f120e4bc3d502dd288339b4df646a59aad0ec1

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\_decimal.pyd
            Filesize

            242KB

            MD5

            6339fa92584252c3b24e4cce9d73ef50

            SHA1

            dccda9b641125b16e56c5b1530f3d04e302325cd

            SHA256

            4ae6f6fb3992bb878416211221b3d62515e994d78f72eab51e0126ca26d0ee96

            SHA512

            428b62591d4eba3a4e12f7088c990c48e30b6423019bebf8ede3636f6708e1f4151f46d442516d2f96453694ebeef78618c0c8a72e234f679c6e4d52bebc1b84

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\_hashlib.pyd
            Filesize

            60KB

            MD5

            d856a545a960bf2dca1e2d9be32e5369

            SHA1

            67a15ecf763cdc2c2aa458a521db8a48d816d91e

            SHA256

            cd33f823e608d3bda759ad441f583a20fc0198119b5a62a8964f172559acb7d3

            SHA512

            34a074025c8b28f54c01a7fd44700fdedb391f55be39d578a003edb90732dec793c2b0d16da3da5cdbd8adbaa7b3b83fc8887872e284800e7a8389345a30a6a4

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\_lzma.pyd
            Filesize

            153KB

            MD5

            0a94c9f3d7728cf96326db3ab3646d40

            SHA1

            8081df1dca4a8520604e134672c4be79eb202d14

            SHA256

            0a70e8546fa6038029f2a3764e721ceebea415818e5f0df6b90d6a40788c3b31

            SHA512

            6f047f3bdaead121018623f52a35f7e8b38c58d3a9cb672e8056a5274d02395188975de08cabae948e2cc2c1ca01c74ca7bc1b82e2c23d652e952f3745491087

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\_socket.pyd
            Filesize

            75KB

            MD5

            0f5e64e33f4d328ef11357635707d154

            SHA1

            8b6dcb4b9952b362f739a3f16ae96c44bea94a0e

            SHA256

            8af6d70d44bb9398733f88bcfb6d2085dd1a193cd00e52120b96a651f6e35ebe

            SHA512

            4be9febb583364da75b6fb3a43a8b50ee29ca8fc1dda35b96c0fcc493342372f69b4f27f2604888bca099c8d00f38a16f4c9463c16eff098227d812c29563643

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\base_library.zip
            Filesize

            859KB

            MD5

            bfaeabf788dbdb16d143e6285ba1b626

            SHA1

            aa77138995843906e7abf74acb0ce355fd691675

            SHA256

            fccbb22cc4116e702ac04dc87f5a900bc6c000429444d3a492b82421325b2bfe

            SHA512

            1263a7fc9eeb581b0bee89e65bceea9bd41658591c60b56342af09645f86630b281f4e48d35b6056645eb3d2f3b061bb3680fffe64d2a76f1d8e16295fcdb2cf

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\libcrypto-1_1.dll
            Filesize

            3.3MB

            MD5

            6f4b8eb45a965372156086201207c81f

            SHA1

            8278f9539463f0a45009287f0516098cb7a15406

            SHA256

            976ce72efd0a8aeeb6e21ad441aa9138434314ea07f777432205947cdb149541

            SHA512

            2c5c54842aba9c82fb9e7594ae9e264ac3cbdc2cc1cd22263e9d77479b93636799d0f28235ac79937070e40b04a097c3ea3b7e0cd4376a95ed8ca90245b7891f

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\python310.dll
            Filesize

            4.3MB

            MD5

            deaf0c0cc3369363b800d2e8e756a402

            SHA1

            3085778735dd8badad4e39df688139f4eed5f954

            SHA256

            156cf2b64dd0f4d9bdb346b654a11300d6e9e15a65ef69089923dafc1c71e33d

            SHA512

            5cac1d92af7ee18425b5ee8e7cd4e941a9ddffb4bc1c12bb8aeabeed09acec1ff0309abc41a2e0c8db101fee40724f8bfb27a78898128f8746c8fe01c1631989

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\select.pyd
            Filesize

            28KB

            MD5

            c119811a40667dca93dfe6faa418f47a

            SHA1

            113e792b7dcec4366fc273e80b1fc404c309074c

            SHA256

            8f27cd8c5071cb740a2191b3c599e99595b121f461988166f07d9f841e7116b7

            SHA512

            107257dbd8cf2607e4a1c7bef928a6f61ebdfc21be1c4bdc3a649567e067e9bb7ea40c0ac8844d2cedd08682447b963148b52f85adb1837f243df57af94c04b3

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\_MEI24122\unicodedata.pyd
            Filesize

            1.1MB

            MD5

            4c8af8a30813e9380f5f54309325d6b8

            SHA1

            169a80d8923fb28f89bc26ebf89ffe37f8545c88

            SHA256

            4b6e3ba734c15ec789b5d7469a5097bd082bdfd8e55e636ded0d097cf6511e05

            SHA512

            ea127779901b10953a2bf9233e20a4fab2fba6f97d7baf40c1b314b7cd03549e0f4d2fb9bad0fbc23736e21eb391a418d79a51d64402245c1cd8899e4d765c5a

            Download Submit